#!/bin/bash

# ----------------------------------------------------------------------
# Filename:   passwd.sh
# Version:    1.0
# Date:       2013/12/10
# Author:     huijing.hei
# Email:      huijing.hei@cs2c.com.cn
# Summary:    03系统安全功能-07身份鉴别-03验证系统采用强化管理的口令鉴别
# Notes:       ***
# Copyright:    China Standard Software Co., Ltd.
# History：     
#             Version 1.0, 2013/12/10
#             - passwd.
# ----------------------------------------------------------------------

##! @TODO: add user
##! @AUTHOR: huijing.hei
##! @VERSION: 1.0 
##! @OUT: 0 => success; 1 => failure

function DoSetup()
{
    trap DoCleanup EXIT INT 

    IsRoot
    EchoResult "root"

    CmdCheck useradd userdel


    TEST_USER=u123
    TEST_USER_PASSWORD=useriden789

    UserCheck "${TEST_USER}" && userdel -r "${TEST_USER}"

    AddUserPasswd "${TEST_USER}" "${TEST_USER_PASSWORD}"
    EchoResult "add user ${TEST_USER}"
}

##! @TODO: passwd
##! @AUTHOR: huijing.hei
##! @VERSION: 1.0 
##! @OUT: 0 => success; 1 => failure
function DoTest()
{
    local WRONG_PASSWORD=1234
    local WEAK_PASSWORD=12345678
    local NEW_PASSWORD="ns2014%*"

    sleep 2

    expect <<-END

        set timeout 20

        spawn su - ${TEST_USER} -c "LANG=C passwd"
        expect "(current) UNIX password:"
        send "${WRONG_PASSWORD}\r"

        expect {
          "passwd: Authentication token manipulation error" { send_user "PASS: wrong passwd\n"; exit 0 }
          "ew password:" {send_user "pls input new password\n"; send "${WEAK_PASSWORD}\r"; }
          timeout {send_user "timeout, testcase exec failed\n"; exit 1; }
          
        }

        expect {
          "Weak password: not enough different characters or classes." { send_user "PASS: weak password\n"; exit 1; }
          "type new password:" { send_user "FAIL: weak password\n"; exit 1; }  
          timeout {send_user "timeout, testcase exec failed\n"; exit 1; }
        }

        catch wait result
        exit [lindex \$result 3]

END
EchoResult "1/3 passwd: change password"
# 2/3
    expect <<-END

        set timeout 20

        spawn su - ${TEST_USER} -c "LANG=C passwd"
        expect "(current) UNIX password:"
        send "${TEST_USER_PASSWORD}\r"

        expect {
          "passwd: Authentication token manipulation error" { send_user "PASS: wrong passwd\n"; exit 1; }
          "ew password:" {send_user "pls input new password\n"; send "${WEAK_PASSWORD}\r"; }
          timeout {send_user "timeout, testcase exec failed\n"; exit 1; }
          
        }

        expect {
          "it is too simplistic/systematic" { send_user "PASS: weak passwd\n"; exit 0 }
          "Weak password: not enough different characters or classes." { send_user "PASS: weak password\n"; exit 1; }
          "type new password:" { send_user "FAIL: weak password\n"; exit 1; }  
          timeout {send_user "timeout, testcase exec failed\n"; exit 1; }
        }

        catch wait result
        exit [lindex \$result 3]

END
EchoResult "2/3 passwd: change password-weak password"


#3/3
    expect <<-END
        set timeout 20
        spawn su - ${TEST_USER} -c "LANG=C passwd"
        expect "(current) UNIX password:"
        send "${TEST_USER_PASSWORD}\r"

        expect {
          -re "(N|n)ew password:" {
              send "${NEW_PASSWORD}\r"
              exp_continue
              }
          "Unknown user name" {
              send_user "${TEST_USER} not exists\n"
              exit 1
              }

          "Weak password: too short." {
              send_user "Your password is too short\n"
              exit 1
              }
          "it is based on a dictionary word" {
              send_user "Your passord is failed"
              exit 1
              }
          timeout {send_user "timeout, testcase exec failed\n"; exit 1; }
            }

        catch wait result
        exit [lindex \$result 3]
END
EchoResult "3/3 passwd: change password"

}

##! @TODO: cleanup, delete user
##! @AUTHOR: huijing.hei
##! @VERSION: 1.0 
##! @OUT: 0 => success; 1 => failure

function DoCleanup()
{
    sleep 3
    UserCheck "${TEST_USER}" && userdel -r "${TEST_USER}"
}

# include lib files

if [ -z "$SFROOT" ]
then
    echo "SFROOT is null, pls check"
    exit 1
fi

. ${SFROOT}/lib/Echo.sh
. ${SFROOT}/lib/Check.sh
. ${SFROOT}/testcases/Security/lib/UserOps.sh

export LANG=C

DoSetup
DoTest
EchoResult "testcase: passwd- change user password"
echo ""
